MySQL connection with SSL
Hi all is possible to tell dovecot to use a mysql connection with SSL ?
My new remote mysql server only allows ssl connections
Gandalf,
Yes.
https://dev.mysql.com/doc/refman/8.3/en/using-encrypted-connections.html
It's common practice. From my experience most LAMP stacks are built and with a web front end that's handling the SSL traffic via apache to secure the connection between the client browser and the web server. SSL is operating on layer 4 of the OSI model so theoretically all applications (and most do) have some support for encrypted connections.
On 5/16/2024 5:46 AM, Gandalf Corvotempesta via dovecot wrote:
Hi all is possible to tell dovecot to use a mysql connection with SSL ?
My new remote mysql server only allows ssl connections
dovecot mailing list -- dovecot@dovecot.org To unsubscribe send an email to dovecot-leave@dovecot.org
-- Christopher Wensink IS Administrator Five Star Plastics, Inc 1339 Continental Drive Eau Claire, WI 54701 Office: 715-831-1682 Mobile: 715-563-3112 Fax: 715-831-6075 cwensink@five-star-plastics.com www.five-star-plastics.com
Il giorno gio 16 mag 2024 alle ore 15:12 Christopher Wensink via dovecot dovecot@dovecot.org ha scritto:
Yes.
https://dev.mysql.com/doc/refman/8.3/en/using-encrypted-connections.html
This is for using ssl with native mysql client. Dovecot uses the native library or has a embedded mysql library ?
because my .my.cnf is already set to use ssl as preferred, but dovecot doesn't connect with ssl.
See here for the documentation for dovecot:
https://doc.dovecot.org/admin_manual/ssl/
On 5/16/2024 8:30 AM, Gandalf Corvotempesta wrote:
Il giorno gio 16 mag 2024 alle ore 15:12 Christopher Wensink via dovecot dovecot@dovecot.org ha scritto:
Yes.
https://dev.mysql.com/doc/refman/8.3/en/using-encrypted-connections.html This is for using ssl with native mysql client. Dovecot uses the native library or has a embedded mysql library ?
because my .my.cnf is already set to use ssl as preferred, but dovecot doesn't connect with ssl.
-- Christopher Wensink IS Administrator Five Star Plastics, Inc 1339 Continental Drive Eau Claire, WI 54701 Office: 715-831-1682 Mobile: 715-563-3112 Fax: 715-831-6075 cwensink@five-star-plastics.com www.five-star-plastics.com
Il giorno gio 16 mag 2024 alle ore 15:34 Christopher Wensink cwensink@five-star-plastics.com ha scritto:
See here for the documentation for dovecot:
This has nothing to do with mysql connection.
What i've asked for is how to tell dovecot to connect to a mysql server by using an ssl connection (the native mysql ssl connection), not how to enable ssl in smtp/imap/pop3/whatever
Christopher Wensink via dovecot skrev den 2024-05-16 15:34:
See here for the documentation for dovecot:
this is not covering database connections
so above is for end-users connections, not dovecot connection to databases like mysql postgres, or other database backends
On 2024-05-16, Christopher Wensink via dovecot dovecot@dovecot.org wrote:
See here for the documentation for dovecot:
Wrong bit of the manual. See the sample dovecot-sql.conf.ext or https://doc.dovecot.org/configuration_manual/authentication/sql/#id10
Il giorno gio 16 mag 2024 alle ore 16:35 Stuart Henderson via dovecot dovecot@dovecot.org ha scritto:
Wrong bit of the manual. See the sample dovecot-sql.conf.ext or https://doc.dovecot.org/configuration_manual/authentication/sql/#id10
Seems much easier with this... I'll try tomorrow
On 16/05/2024 16:30 EEST Gandalf Corvotempesta via dovecot dovecot@dovecot.org wrote:
Il giorno gio 16 mag 2024 alle ore 15:12 Christopher Wensink via dovecot dovecot@dovecot.org ha scritto:
Yes.
https://dev.mysql.com/doc/refman/8.3/en/using-encrypted-connections.html
This is for using ssl with native mysql client. Dovecot uses the native library or has a embedded mysql library ?
because my .my.cnf is already set to use ssl as preferred, but dovecot doesn't connect with ssl.
I don't think dovecot will read your .my.cnf̣.
See supported options at https://doc.dovecot.org/settings/plugin/sql-mysql/
Aki
Il giorno gio 16 mag 2024 alle ore 15:58 Aki Tuomi aki.tuomi@open-xchange.com ha scritto:
I don't think dovecot will read your .my.cnf̣.
See supported options at https://doc.dovecot.org/settings/plugin/sql-mysql/
Probably "client_flags" is what i need to use but:
- i don't know the int value for CLIENT_SSL (and mysql docs arent' clear on this)
- mysql docs tell to not set the CLIENT_SSL in a client application....
Have you tried to set the ssl_* parameters as stated in https://doc.dovecot.org/settings/plugin/sql-mysql?
Am 16.05.24, 12:53 schrieb "Gandalf Corvotempesta via dovecot" dovecot@dovecot.org:
Hi all
is possible to tell dovecot to use a mysql connection with SSL ?
My new remote mysql server only allows ssl connections
_______________________________________________
dovecot mailing list -- dovecot@dovecot.org
To unsubscribe send an email to dovecot-leave@dovecot.org
participants (6)
-
Aki Tuomi
-
Benny Pedersen
-
Christopher Wensink
-
Gandalf Corvotempesta
-
Martin Behrens
-
Stuart Henderson